Incorrect Default Permissions in Tanium Enforce Product
CVE-2025-15343

6.5MEDIUM

Key Information:

Vendor: Tanium
Status: Enforce
Vendor: CVE Published:; 5 February 2026

What is CVE-2025-15343?

Tanium has identified a vulnerability within its Enforce product, which is related to incorrect default permissions. This issue could potentially allow unauthorized users to gain higher privileges than intended, exposing systems to security risks. It is essential for system administrators to review their configurations and apply the necessary updates to mitigate any potential threats. For further details, refer to the official security advisory TAN-2025-032.

Affected Version(s)

Enforce 2.7.0 < 2.7.367

Enforce 2.8.0 < 2.8.601

Enforce 2.9.0 < 2.9.574

References

https://security.tanium.com/TAN-2025-032

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 5, 2026
Vulnerability Reserved
Dec 29, 2025

CVE-2025-15343 Data

JSON